Heartbleed bug : Change your passwords to avoid

Heartbleed is a bug in the open-source cryptography library Open SSL which allows attackers to read the memory of servers which use Open SSL. The bug is considered as the biggest

heartbleed

threat since the internet was invented, as it affects many popular social networks and online services like Facebook, Google, Dropbox, and more to be listed below.

What caused the heartbleed? On April 7, 2014, it was announced that OpenSSL 1.0.2 beta, as well as all versions of OpenSSL in the 1.0.1 series except 1.0.1g had a severe memory handling bug in their implementation of the TLS Heartbeat Extension. This defect could be used to reveal up to 64 kilobytes of the application’s memory with every heartbeat.

Top social networks & online service got affected by the heartbleed bug

“We added protections for Facebook’s implementation of OpenSSL before this issue was publicly disclosed. We haven’t detected any signs of suspicious account activity, but we encourage people to … set up a unique password.”

Twitter

Not affected

No action required

Gmail

Affected

“We have assessed the SSL vulnerability and applied patches to key Google services.”*Google said users do not need to change their passwords, but because of the previous vulnerability, better safe than sorry.

Paypal

Not affected

“Your PayPal account details were not exposed in the past and remain secure.”

LinkedIn

Not affected

“We didn’t use the offending implementation of OpenSSL in www.linkedin.com or www.slideshare.net. As a result, HeartBleed does not present a risk to these web properties.”

tumblr

Affected

“We have no evidence of any breach and, like most networks, our team took immediate action to fix the issue.”

Amazon

Not affected

Nothing required – no statement

Dropbox

Affected

“We’ve patched all of our user-facing services & will continue to work to make sure your stuff is always safe.”

SoundCloud

Affected

“We will be signing out everyone from their SoundCloud accounts … and when you sign back in, the fixes we’ve already put in place will take effect.”

Wunderlist

Affected

“You’ll have to simply log back into Wunderlist. We also strongly recommend that you reset your password for Wunderlist.”

Yahoo

Affected

“As soon as we became aware of the issue, we began working to fix it… and we are working to implement the fix across the rest of our sites right now.”

Microsoft

Not Affected

Nothing from your side

Hotmail/outlook

Not Affecte

N/A

Up till this moment 22:21:31, 2014-04-10, we didn’t detect any complaint from any individual or corporation around the world reporting any infringement to their passwords caused by the heartbleed – We will capture any thing for you as it happens – keep an eye on Digital Boom.

In the meanwhile, to stay safe, we recommend to change all important services’ passwords in order to maintain your privacy and keep things organized.